本文通过一个具体的JSP页面示例介绍了如何实现HTTP基本认证和摘要认证。文章详细展示了从获取请求头中的授权信息到验证用户名及密码的过程,并提供了两种不同认证方式的具体实现。
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'index.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<%
sun.misc.BASE64Decoder decoder = new sun.misc.BASE64Decoder();
boolean authenticated = false;
String authorization = request.getHeader("authorization");
System.out.println("authorization:" + authorization);
if (authorization != null) {
if (authorization.startsWith("Basic")) {
authorization = authorization.substring(authorization
.indexOf(' ') + 1);
byte[] bytes = decoder.decodeBuffer(authorization);
authorization = new String(bytes);
String userName = authorization.substring(0, authorization
.indexOf(':'));
String password = authorization.substring(authorization
.indexOf(':') + 1);
System.out.println("userName:" + userName);
System.out.println("password:" + password);
authenticated = userName.equals("abc")
&& password.equals("abc");
} else if (authorization.startsWith("Digest")) {
String userName = authorization.substring(authorization
.indexOf("username="));
userName = userName.substring("username=\"".length());
userName = userName.substring(0, userName.indexOf('"'));
String password = authorization.substring(authorization
.indexOf("response="));
password = password.substring("response=\"".length());
password = password.substring(0, password.indexOf('"'));
authenticated = userName.equals("abc")
&& password
.equals("3cf1135d3b8e20dd9272d06288569a56");
}
}
if (!authenticated) {
// response.addHeader("WWW-Authenticate","Digest realm=\"Tomcat Manager Application\"");
扫一扫
2282
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
